fixed reverse byte method.

dghgit · dghgit · commit abb9961cacb9 · 2022-09-25T08:47:07.000+10:00
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/Grain128AEADEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/Grain128AEADEngine.java
@@ -91,12 +91,12 @@ public void init(boolean forEncryption, CipherParameters params)
         if (keyBytes.length != 16)
         {
             throw new IllegalArgumentException(
-                  "Grain-128AEAD key must be 128 bits long");
+                "Grain-128AEAD key must be 128 bits long");
         }
 
         CryptoServicesRegistrar.checkConstraints(new DefaultServiceProperties(
-                this.getAlgorithmName(), 128, params, Utils.getPurpose(forEncryption)));
-        
+            this.getAlgorithmName(), 128, params, Utils.getPurpose(forEncryption)));
+
         /**
          * Initialize variables.
          */
@@ -418,6 +418,7 @@ private void doProcessAADBytes(byte[] input, int inOff, int len)
         {
             ader[1 + aderlen + i] = (byte)reverseByte(input[inOff + i]);
         }
+
         byte adval;
         int adCnt = 0;
         for (int i = 0; i < ader.length; ++i)
@@ -467,14 +468,14 @@ public int doFinal(byte[] out, int outOff)
             doProcessAADBytes(aadData.getBuf(), 0, aadData.size());
             aadFinished = true;
         }
-        
+
         this.mac = new byte[8];
 
         output = getOutput();
         nfsr = shift(nfsr, (getOutputNFSR() ^ lfsr[0]) & 1);
         lfsr = shift(lfsr, (getOutputLFSR()) & 1);
         accumulate();
-        
+
         int cCnt = 0;
         for (int i = 0; i < 2; ++i)
         {
@@ -483,7 +484,7 @@ public int doFinal(byte[] out, int outOff)
                 mac[cCnt++] = (byte)((authAcc[i] >>> (j << 3)) & 0xff);
             }
         }
-        
+
         System.arraycopy(mac, 0, out, outOff, mac.length);
 
         try
@@ -514,9 +515,9 @@ public int getOutputSize(int len)
 
     private int reverseByte(int x)
     {
-        x = (((x & 0x55) << 1) | ((x & (~0x55)) >>> 1)) & 0xFF;
-        x = (((x & 0x33) << 2) | ((x & (~0x33)) >>> 2)) & 0xFF;
-        x = (((x & 0x0f) << 4) | ((x & (~0x0f)) >>> 4)) & 0xFF;
+        x = (((x & 0x55) << 1) | ((x & (0xAA)) >>> 1)) & 0xFF;
+        x = (((x & 0x33) << 2) | ((x & (0xCC)) >>> 2)) & 0xFF;
+        x = (((x & 0x0f) << 4) | ((x & (0xf0)) >>> 4)) & 0xFF;
         return x;
     }
 
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/Grain128AEADTest.java b/core/src/test/java/org/bouncycastle/crypto/test/Grain128AEADTest.java
@@ -124,14 +124,9 @@ private void testLongAEAD()
         byte[] Nonce = Hex.decode("000102030405060708090A0B");
         byte[] PT = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
         byte[] AD = Hex.decode(   // 186 bytes
-            "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
-                + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
-                + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
-                + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
-                + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
-                + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E");
-        byte[] CT = Hex.decode("731daa8b1d15317a1ccb4e3dd320095fb27e5bb2a10f2c669f870538637d4f1641bdc02d3cc432a5");
-
+            "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9");
+        byte[] CT = Hex.decode("731DAA8B1D15317A1CCB4E3DD320095FB27E5BB2A10F2C669F870538637D4F162298C70430A2B560");
+    
         Grain128AEADEngine grain = new Grain128AEADEngine();
         ParametersWithIV params = new ParametersWithIV(new KeyParameter(Key), Nonce);
         grain.init(true, params);
@@ -144,7 +139,7 @@ private void testLongAEAD()
         len += grain.processBytes(PT, 11, PT.length - 11, rv, len);
 
         grain.doFinal(rv, len);
-
+ 
         isTrue(Arrays.areEqual(rv, CT));
 
         grain.processBytes(PT, 0, 10, rv, 0);

Original file line number	Diff line number	Diff line change
`@@ -91,12 +91,12 @@ public void init(boolean forEncryption, CipherParameters params)`
`91`	`91`	`if (keyBytes.length != 16)`
`92`	`92`	`{`
`93`	`93`	`throw new IllegalArgumentException(`
`94`		`- "Grain-128AEAD key must be 128 bits long");`
	`94`	`+ "Grain-128AEAD key must be 128 bits long");`
`95`	`95`	`}`
`96`	`96`
`97`	`97`	`CryptoServicesRegistrar.checkConstraints(new DefaultServiceProperties(`
`98`		`- this.getAlgorithmName(), 128, params, Utils.getPurpose(forEncryption)));`
`99`		`-`
	`98`	`+ this.getAlgorithmName(), 128, params, Utils.getPurpose(forEncryption)));`
	`99`	`+`
`100`	`100`	`/**`
`101`	`101`	`* Initialize variables.`
`102`	`102`	`*/`
`@@ -418,6 +418,7 @@ private void doProcessAADBytes(byte[] input, int inOff, int len)`
`418`	`418`	`{`
`419`	`419`	`ader[1 + aderlen + i] = (byte)reverseByte(input[inOff + i]);`
`420`	`420`	`}`
	`421`	`+`
`421`	`422`	`byte adval;`
`422`	`423`	`int adCnt = 0;`
`423`	`424`	`for (int i = 0; i < ader.length; ++i)`
`@@ -467,14 +468,14 @@ public int doFinal(byte[] out, int outOff)`
`467`	`468`	`doProcessAADBytes(aadData.getBuf(), 0, aadData.size());`
`468`	`469`	`aadFinished = true;`
`469`	`470`	`}`
`470`		`-`
	`471`	`+`
`471`	`472`	`this.mac = new byte[8];`
`472`	`473`
`473`	`474`	`output = getOutput();`
`474`	`475`	`nfsr = shift(nfsr, (getOutputNFSR() ^ lfsr[0]) & 1);`
`475`	`476`	`lfsr = shift(lfsr, (getOutputLFSR()) & 1);`
`476`	`477`	`accumulate();`
`477`		`-`
	`478`	`+`
`478`	`479`	`int cCnt = 0;`
`479`	`480`	`for (int i = 0; i < 2; ++i)`
`480`	`481`	`{`
`@@ -483,7 +484,7 @@ public int doFinal(byte[] out, int outOff)`
`483`	`484`	`mac[cCnt++] = (byte)((authAcc[i] >>> (j << 3)) & 0xff);`
`484`	`485`	`}`
`485`	`486`	`}`
`486`		`-`
	`487`	`+`
`487`	`488`	`System.arraycopy(mac, 0, out, outOff, mac.length);`
`488`	`489`
`489`	`490`	`try`
`@@ -514,9 +515,9 @@ public int getOutputSize(int len)`
`514`	`515`
`515`	`516`	`private int reverseByte(int x)`
`516`	`517`	`{`
`517`		`- x = (((x & 0x55) << 1) \| ((x & (~0x55)) >>> 1)) & 0xFF;`
`518`		`- x = (((x & 0x33) << 2) \| ((x & (~0x33)) >>> 2)) & 0xFF;`
`519`		`- x = (((x & 0x0f) << 4) \| ((x & (~0x0f)) >>> 4)) & 0xFF;`
	`518`	`+ x = (((x & 0x55) << 1) \| ((x & (0xAA)) >>> 1)) & 0xFF;`
	`519`	`+ x = (((x & 0x33) << 2) \| ((x & (0xCC)) >>> 2)) & 0xFF;`
	`520`	`+ x = (((x & 0x0f) << 4) \| ((x & (0xf0)) >>> 4)) & 0xFF;`
`520`	`521`	`return x;`
`521`	`522`	`}`
`522`	`523`